aboutsummaryrefslogtreecommitdiff
path: root/NEWS
diff options
context:
space:
mode:
authorFlorian Weimer <fweimer@redhat.com>2017-10-22 09:29:52 +0200
committerFlorian Weimer <fweimer@redhat.com>2017-10-22 09:29:52 +0200
commit914c9994d27b80bc3b71c483e801a4f04e269ba6 (patch)
treeaec9c5728e95a72b8f57dad2f11dfec906c7e0a5 /NEWS
parente80fc1fc98bf614eb01cf8325503df3a1451a99c (diff)
downloadglibc-914c9994d27b80bc3b71c483e801a4f04e269ba6.zip
glibc-914c9994d27b80bc3b71c483e801a4f04e269ba6.tar.gz
glibc-914c9994d27b80bc3b71c483e801a4f04e269ba6.tar.bz2
Update NEWS and ChangeLog for CVE-2017-15671
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS5
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 0540fd2..c38fb88 100644
--- a/NEWS
+++ b/NEWS
@@ -77,6 +77,11 @@ Security related changes:
on the stack or the heap, depending on the length of the user name).
Reported by Tim Rühsen.
+ CVE-2017-15671: The glob function, when invoked with GLOB_TILDE,
+ would sometimes fail to free memory allocated during ~ operator
+ processing, leading to a memory leak and, potentially, to a denial
+ of service.
+
The following bugs are resolved with this release:
[The release manager will add the list generated by